General

Summary

A vulnerability classified as critical has been found in Oracle Java SE JRE up to 7 Update 4. It affects an unknown function of the component Hotspot. Manipulation with an unknown input leads to a buffer overflow. The impact is known to affect confidentiality, integrity, and availability. CVE summarizes:

The weakness was presented on 06/12/2012 by Andrei Costin with Oracle as a confirmed bulletin. The advisory is available for download at oracle.com. The public release was coordinated with the vendor. This vulnerability has been named CVE-2012-1723 since 03/16/2012. The attack can be initiated remotely. No form of authentication is required for successful exploitation. Technical details are unknown, but a private exploit is available.

An exploit was disclosed after 2 months. The exploit is available for download at exploit-db.com. The vulnerability scanner Nessus provides a plugin with the ID 69695 (Amazon Linux AMI : java-1.6.0-openjdk Multiple Vulnerabilities (ALAS-2012-88)), which helps to determine whether the flaw exists in a target environment. It is assigned to the family Amazon Linux Local Security Checks. The commercial vulnerability scanner Qualys is able to test for this issue with plugin 120282.

Applying a patch eliminates this problem. The bugfix is available for download at oracle.com. A possible mitigation was published immediately after the disclosure of the vulnerability. Attack attempts may be identified with Snort ID 21438. Furthermore, it is possible to detect and prevent this kind of attack with HP TippingPoint and the filter 12877. The vulnerability is also documented in the databases at OSVDB (82877), SecurityFocus (BID 52161), Secunia (SA49472), SecurityTracker (ID 1027153) and VulnerabilityCenter (SBV-35344). Additional details are provided at support.apple.com. Similar entries are available at 5547, 5549, 5550 and 5551.